Cryptocurrency News

Tornado Cash attacker to potentially giveback governance control, proposal reveals

e041efe9 b116 4a93 8df7 9665b34e1955


Just a day after an attacker sparked community-wide panic after hijacking the Tornado Cash governance, a new proposal hints at the possible restoration of the state of governance.

On May 21, the passing of a malicious proposal allowed an attacker to gain complete control over Tornado Cash’s governance. With total control over the governance of the decentralized crypto mixer, the attacker was in a position to inflict massive losses considering they could withdraw all of the locked votes, drain all of the tokens in the governance contract and brick the router.

While the story unfolded, community member Tornadosaurus-Hex or Mr. Tornadosaurus Hex, took proactive steps to minimize the potential damages by publishing a subsequent proposal requesting all members to withdraw all funds locked in governance, as shown below.

467257e8 221e 4a56 b955 27a1491b66f5
Tornado Cash community member’s proposal for gaining control from attacker. Source: forums.tornadocash.community

However, Mr. Tornadosaurus Hex (Hex) was uncertain about the effectiveness of the new proposal considering the attacker’s grip over the mixer’s governance. A few hours into the hack, to everyone’s surprise, the attacker surprisingly reached out to the Tornado Cash community with a new proposal, hinting at their intent to give back the governance control.

7c1cf661 a129 476c b52c ebb7a763761f
Tornado Cash attacker’s proposal to return governance control. Source: forums.tornadocash.community

As shown above, Hex communicated the attacker’s plan to the community stating that:

“The attacker posted a new proposal to restore the state of Governance. I think that there is a good chance he’s going to execute it.”

Hex further pointed out that while the community has no other option other than complying with the attacker’s chosen method of giving back the governance control, his due diligence with regard to verifying storage layouts checks out.

584ad60b 64c4 41df 9b12 0a9db36344f3
Mr. Tornadosaurus Hex confirmed the slot matching. Source: orums.tornadocash.community

While many community members showed optimism toward the attacker’s supposed change of heart, others speculate it was a move to pump the TORN token’s price before cashing out.

Related: Allbridge offers bounty to exploiter who stole $573K in flash loan attack

On the bright side, the crypto ecosystem has witnessed a sharp decline in the overall hacks in the first quarter of 2023.

72ea413d 3fa5 4bd3 8f5c 97fcf0f6fc09
Graph showing hacks and exploits from Q1 2022 – Q1 2023. Source: TRM Labs.

However, history suggests that crypto users shouldn’t get complacent as 2022 witnessed a spike in crypto hacks soon after recording a slow phase.

Magazine: ‘Moral responsibility’: Can blockchain really improve trust in AI?